﻿
<?php
    @mysql_connect("localhost","root","") or die("KHong the ket noi toi da");
    @mysql_select_db("gomsulonghau") or die("KHong the chon co so du lieu");
    if($_GET['act']== "do")
    {
        $username= addslashes($_POST['username']);
        $password=md5(addslashes($_POST['password']));
        $sql_query=@mysql_query("SELECT * FROM members WHERE username='{$username}'");
        $member= @mysql_fetch_array($sql_query);
        if(@mysql_num_rows($sql_query)<=0)
        {
            print"Ten truy nhap khong ton tai. <a href='javascript:history.go(-1)'>Nhap vao day de quay tro lai</a>";
            exit ;
        }
        if($password!=$member['password'])
        {
             print "Nhập sai mật khẩu. <a href='javascript:history.go(-1)'>Nhấp vào đây để quay trở lại</a>";
             exit;  
        }
        @session_start();
        $_SESSION['user_id']=$member['id'];
        echo("ban da dang nhap thanh cong voi ten {$member['username']} thanh cong. <a href='../home/index.php'>Nhap vao day de vao trang chu</a>");
    }
    else
    {
print<<<EOF
    <label>Dang Nhap<label>
    <form action="l.php?act=do" method="POST">
    Username: <input type="text" name="username" value="">
    Password: <input type="password" name="password" value="">
    <input type="submit" name="submit" value="Login">
    </form>
EOF;
    }


?> 
